224336 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm: call -freefolio directly in foliounmapinvalidate. We can only call filemapfreefolio if we have a reference to or hold a lock on the mapping. Otherwise, we have already removed the folio from the mapping, so it no longer pinch...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mshvvtl: Fixed the issue where vmemmapshift exceeded MAXFOLIOORDER. When registering VTL0 memory via MSHVADDVTL0MEMORY, the kernel calculates pgmap-vmemmapshift as the number of trailing zeros in the OR of startpfn and lastpfn. T...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fix for use-after-free in the encoder release path. The fopsvcodecrelease function frees the context structure ctx without first canceling any pending or ongoing operations in ctx-encodework. This creates...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: clockevents: Added missing resets to the nexteventforced flag. The mechanism used to prevent timer interrupts from being missed failed to reset the nexteventforced flag in several locations: - When the state of the clock event...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: writeback: Fixed the use of “free” after processing in inodeswitchwbsworkfn. The function inodeswitchwbsworkfn has a loop like this: c wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !list break;...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ethtool: strset: fix message length calculation The outer nesting of ETHTOOLASTRSETSTRINGSETS is not taken into account. This may result in ETHTOOLMSGSTRSETGET generating a warning like this: “Calculated message payload length 68...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fix command flush on cable pull The system crashed due to a command failing to be flushed back to the SCSI layer. Bug: Unable to handle a NULL pointer dereferencing in the kernel at address 0000000000000000. PGD...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: Device name buffers passed to the device replace function are properly validated for string termination. This prevents a read out of bounds situation in the getnamekernel function. There is a syzbot report...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: requires CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach to NGSM0710 ldisc, but it still requires CAPNETADMIN to create a GSM network. Additionally, requiring CAPNETADMIN for the initial namespace...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixed a double-free in sidpminit When the allocation of adev-pm.dpm.dynstate.vddcDependenceondispclk.entries fails, amdgpufreeextendedpowertable is called to free some fields of adev. However, when the control flow...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in i40edbgdumpdesc. When attempting to dump VFs using debugfs, a crash occurred due to NULL pointer dereferencing in i40edbgdumpdesc. A check was added to i40edbgdumpdesc to ensure that the...
Astra Linux - уязвимость в linux, linux-5.10
A use-after-free vulnerability was discovered in the Linux kernel, specifically in the drivers/net/hamradio module. This flaw allows a local attacker with user privileges to cause a denial of service DOS condition when the mkiss or sixpack device is detached, resulting in premature reclamation of...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in emspcmciaaddcard If the last channel is not available, then “dev” is freed. Fortunately, we can simply use “pdev-irq” instead. Also, we should check whether at least one channel was set up...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fixed negative period/buffer sizes The calculation of the period size in the OSS layer may generate a negative value as an error. However, the code there assumes only positive values and handles them using sizet. ...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption after conversion from inline format. The commit 6dbf7bb55598 “fs: Do not invalidate page buffers in blockwritefullpage” uncovered a latent bug in the conversion from inline inode format to a normal...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed the gart.bo pincount leak. gmcv9,100gartdisable is not called when there’s no corresponding gartenable function in the SRIOV case. This will lead to a gart.bo pincount leak when the driver is unloaded...
Astra Linux - уязвимость в linux-6.1, linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk from being released while still in use The functions iplocalout and others can pass skb-sk as a function argument. If the skb is a fragment and reassembly occurs before such a function call returns, t...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption. Usually, there is only one llcc device. But if there were a second one, even a failed probe call would modify the global drvdata pointer. Therefore, check whether...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A use-after-free vulnerability exists in the netfilter component of the Linux kernel’s nftables module, which can be exploited to achieve local privilege escalation. This vulnerability arises due to a race condition between the nftables netlink control plane transaction and the nftset element’s...